Last month, the US Air Force presented at the conference Defcon in Las Vegas, a system data for F-15 fighter aircraft. Security investigators have studied it in detail, finding serious vulnerabilities in it. And it seems that the Air Force was so excited about this result that it decided to launch a satellite next year!
Will Roper, Assistant Secretary of the Air Force, said they intend to use their elite hacker, to try to attack an orbiting satellite and its ground station. It may sound paradoxical, but it is in keeping with Roper's commitment to fundamentally change the way that the military industry faces the challenges of cyberspace.
"We need to overcome fear and accept outside experts to help us be safe. We follow the same procedures security in cyberspace since the 1990 δε decade, says Roper.
Each software it has unavoidable errors that could be exploited by one malicious factor. Roper is well aware of this: Hack the Air Force, a bug bounty initiated by a partnership between HackerOne and the Pentagon's Digital Defense Service, gave 130.000 dollars to a hacker who collected more than 120 vulnerabilities last December.
It was the same service that contacted Air Force with the organizers of Defcon's Aviation Village, a conference hall dedicated to all the air issues that made its debut this year. There, a group of seven hackers, under the watchful eyes of the Air Force, attacked a Trusted Aircraft intelligence station, which transfers data to and from an F-15. With the vulnerabilities they found, they could close the station.
Once the Air Force finds out what common security pitfalls affect its third-party segments, it may begin to have stronger security requirements in its contracts. This strengthens the whole supply chain which in turn makes all aircraft safer.
However, more needs to be done to address the non-transparency of the wider aviation community. Airplane components are difficult to find by independent researchers and major manufacturers refuse any suspicion that their products may have vulnerable points.
The process the Air Force is thinking of is as follows: It will soon invite and select hackers to test their ideas during a "flat-sat" phase - essentially a trial run - six months before Defcon. The hackers selected will visit Defcon for a live hacking contest.
"What we are planning is to put a camera on a satellite that will show the Earth and then the teams try to take control of the camera so that it can be directed to the moon," Roper said.
How useful was this post?
Average rating / 5. Vote count: